
A simple example of LDAP authentication using ngx_http_auth_request_module by golang.

Primary LanguageGoApache License 2.0Apache-2.0


A simple example of LDAP authentication using ngx_http_auth_request_module by golang.



Build from source

# git clone https://github.com/shanghai-edu/nginx-ldap-auth
# go mod tidy
# chmod +x control
# ./control build
# ./control pack


# tar -zxvf nginx-ldap-auth-0.1.tar.gz 
# cp nginx.conf /etc/nginx/nginx.conf
# mv cfg.example.json cfg.json // and change it 
# service nginx reload
# ./control start

cfg.json example

     // ldap config
    "ldap": {
        "addr": "ldap.example.org:389",
        "baseDn": "dc=example,dc=org",
        "bindDn": "cn=manager,dc=example,dc=org",
        "bindPass": "password",
        "authFilter": "(&(uid=%s))",
        "attributes": ["uid", "cn", "mail"],
        "tls":        false,
        "startTLS":   false
    // control config
            "deny":["","",""], // deny ips
            "direct":[] // direct ips
            "deny":["00:00-08:00","17:00-23:59"], // time deny
            "direct":[]  // time direct
        "allowUser":["user1"]  // user allowed to login, should be [] if all ldap users are allowed
    "http": {
        "ips":[""], // api trust ips
        "listen": ""